CN115185879A - Control device, data processing method, storage system, and SOC - Google Patents
- Publication number
- CN115185879A, CN202210742596.7A
- Authority
- CN
- China
- Prior art keywords
- memory
- encryption
- bus
- decryption
- write
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Classifications
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F15/00—Digital computers in general; Data processing equipment in general
- G06F15/76—Architectures of general purpose stored program computers
- G06F15/78—Architectures of general purpose stored program computers comprising a single central processing unit
- G06F15/7807—System on chip, i.e. computer system on a single chip; System in package, i.e. computer system on one or more chips in a single package
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computing Systems (AREA)
- Microelectronics & Electronic Packaging (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
Abstract
The present disclosure provides a control apparatus including a bus interface, a memory interface, a write-once storage unit, and a security unit. The bus interface is used for connecting a bus of a system on chip (SOC); there are one or more bus interfaces, and at least some of them are connected to the memory interface through the security unit. The memory interface is used for connecting a memory of the SOC. The write-once storage unit stores an encryption and decryption key. The security unit is connected to the write-once storage unit and includes an encryption and decryption module, which encrypts data written to the memory via the security unit according to the encryption and decryption key and decrypts data read out from the memory via the security unit. The disclosure also provides a data processing method, a storage system and an SOC.
Description
Technical Field
The present disclosure relates to the field of data processing technologies, and in particular, to a control device, a data processing method, a storage system, and an SOC.
Background
A memory of a System on Chip (SOC), for example one storing firmware programs such as boot code and an operating system, needs to be used in cooperation with a control device; that is, the control device controls the various operations on the memory.
However, in some related technologies, the security of the control device is not high, which causes data in the memory to be easily stolen or maliciously tampered, thereby causing problems such as reduced reliability of the SOC product and leakage of critical information (e.g., boot code, operating system).
Disclosure of Invention
The present disclosure provides a control apparatus, a data processing method, a storage system, and an SOC.
In a first aspect, an embodiment of the present disclosure provides a control apparatus, including a bus interface, a memory interface, a write-once storage unit, and a security unit;
the bus interface is used for connecting a bus of the system on chip SOC; the number of the bus interfaces is one or more, and at least part of the bus interfaces are connected with the memory interface through the security unit;
the memory interface is used for connecting a memory of the SOC;
the write-once storage unit stores an encryption and decryption key;
the security unit is connected with the write-once storage unit; the security unit includes an encryption and decryption module for encrypting the data written into the memory via the security unit according to the encryption and decryption key and decrypting the data read out from the memory via the security unit.
In one possible embodiment, the security unit further comprises:
an access authentication module for performing access authentication on an access request sent to the memory via the security unit.
In one possible embodiment, the write-once storage unit further stores therein signature information;
the access authentication module is used for performing signature authentication on an access request sent to the memory by the security unit according to the signature information.
In a possible embodiment, the access authentication module is further configured to determine a range accessible by the access request in the memory according to a result of the access authentication.
In one possible embodiment, the security unit further comprises:
a scrambling/descrambling module for scrambling the write address in a write request sent to the memory via the security unit to obtain the address written to in the memory, and descrambling the address of a read request sent to the memory via the security unit to obtain the address read from in the memory.
In one possible embodiment, the write-once storage unit includes:
an electrically programmable fuse.
In one possible embodiment, the write-once storage unit further stores therein encryption and decryption count information;
the encrypting the data written into the memory via the security unit according to the encryption and decryption keys, and decrypting the data read out from the memory via the security unit include: generating a current key according to the encryption and decryption count information and the encryption and decryption key, encrypting data written into the memory by the security unit with the current key, and decrypting data read out from the memory by the security unit;
the encryption and decryption module is further used for writing at least one unwritten bit in the encryption and decryption count information to 1 before writing data into the memory each time.
In one possible embodiment, the write-once storage unit further stores decryption enabling information;
the encryption and decryption module is further used for enabling decryption operation according to the decryption enabling information.
In one possible embodiment, the bus interface comprises a first bus interface for connecting with a first bus, and a second bus interface for connecting with a second bus;
the first bus interface is connected with the memory interface through the security unit;
the second bus interface is not connected to the memory interface via the security unit.
In one possible embodiment, the control device of the embodiment of the present disclosure further includes a range defining unit;
the second bus interface is connected with the memory interface through the range limiting unit;
the range defining unit is configured to define a range in the memory that is accessible by an access request sent to the memory therethrough.
In one possible embodiment, the first bus interface is an Advanced High-performance Bus (AHB) interface for connecting an AHB;
the second bus interface is an Advanced Peripheral Bus (APB) interface for connecting an APB.
In a second aspect, the present disclosure provides a method for data processing, which is performed by any one of the control devices of the present disclosure, and the method includes:
in response to the security unit receiving a write request sent to the memory, the encryption and decryption module acquires the encryption and decryption key from the write-once storage unit and encrypts data written to the memory according to the encryption and decryption key;
in response to the security unit receiving a read request sent to the memory, the encryption and decryption module obtains the encryption and decryption key from the write-once storage unit and decrypts the data read from the memory according to the encryption and decryption key.
In a third aspect, an embodiment of the present disclosure provides a storage system, including any one of the control devices in the embodiments of the present disclosure, and a memory of a system on chip SOC;
wherein the memory of the SOC is connected with the memory interface of the control device.
In one possible embodiment, the memory stores a firmware program of the SOC and/or data of which data amount is smaller than a predetermined value.
In a fourth aspect, an embodiment of the present disclosure provides a system on chip SOC, including a bus, a memory, and any one of the control devices of the embodiments of the present disclosure;
wherein the bus interface of the control device is connected with the bus, and the memory interface of the control device is connected with the memory.
In the embodiment of the disclosure, the data of the memory needs to be encrypted and decrypted according to the encryption and decryption key, so that the data stored in the memory is encrypted, and the security is good; moreover, the encryption and decryption keys are stored in the write-once storage unit, so that the encryption and decryption keys cannot be illegally modified, the data security is further improved, the reliability of the SOC product is improved, and the leakage of key information is avoided.
Drawings
Fig. 1 is a block diagram of a control device according to an embodiment of the present disclosure;
fig. 2 is a block diagram of another control device provided in the embodiment of the present disclosure;
fig. 3 is a flowchart of a method for data processing according to an embodiment of the present disclosure;
fig. 4 is a schematic diagram of a logic process when data is written in a data processing method according to an embodiment of the present disclosure;
fig. 5 is a schematic diagram of a logic process when data is read in a data processing method according to an embodiment of the present disclosure;
fig. 6 is a schematic diagram illustrating a logic process of encryption/decryption when a cnt is used in a data processing method according to an embodiment of the present disclosure;
FIG. 7 is a block diagram illustrating components of a storage system according to an embodiment of the present disclosure;
fig. 8 is a block diagram of an SOC according to an embodiment of the present disclosure.
Detailed Description
The control device, the data processing method, the storage system, and the SOC provided by the present disclosure are described in detail below with reference to the drawings.
The present disclosure will be described more fully hereinafter with reference to the accompanying drawings, but the illustrated embodiments may be embodied in different forms and should not be construed as limited to the embodiments set forth in the disclosure. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the disclosure to those skilled in the art.
The present disclosure may be described with reference to plan and/or cross-sectional views by way of idealized schematic illustrations of the present disclosure. Accordingly, the example illustrations can be modified in accordance with manufacturing techniques and/or tolerances.
Embodiments of the present disclosure and features of embodiments may be combined with each other without conflict.
The terminology used in the present disclosure is for the purpose of describing particular embodiments only and is not intended to be limiting of the disclosure. As used in this disclosure, the term "and/or" includes any and all combinations of one or more of the associated listed items. As used in this disclosure, the singular forms "a," "an," and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. The term "comprises/comprising" when used in this disclosure is taken to specify the presence of stated features, integers, steps, operations, elements, and/or components, but does not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof.
Unless otherwise defined, all terms (including technical and scientific terms) used in this disclosure have the same meaning as commonly understood by one of ordinary skill in the art. It will be further understood that terms, such as those defined in commonly used dictionaries, should be interpreted as having a meaning that is consistent with their meaning in the context of the relevant art and the present disclosure, and will not be interpreted in an idealized or overly formal sense unless expressly so defined herein.
The present disclosure is not limited to the embodiments shown in the drawings, but includes modifications of configurations formed based on a manufacturing process. Thus, the regions illustrated in the figures have schematic properties, and the shapes of the regions shown in the figures illustrate specific shapes of regions of elements, but are not intended to be limiting.
In a first aspect, an embodiment of the present disclosure provides a control device 100.
As shown in fig. 1 and 8, the control device 100 according to the embodiment of the present disclosure is used in a System On Chip (SOC) 500.
The SOC500 to which the control apparatus 100 according to the embodiment of the present disclosure is applied may be an SOC used in an intelligent connection system, for example, an SOC used in devices such as bluetooth and Wireless Fidelity (WIFI).
It should be understood that the SOC500 to which the control device 100 of the embodiment of the present disclosure is applicable is not limited thereto, and the control device 100 may also be used for an SOC in a display drive system or the like.
The SOC500 generally includes a memory 300 having a data read/write function, and a Bus (Bus) 200 for connecting the memory 300; the control device 100 of the present disclosure may be disposed between the bus 200 and the memory 300, and is used for controlling the memory 300 according to the instruction from the bus 200.
Fig. 1 illustrates an alternative implementation of a control device 100 provided by an embodiment of the present disclosure. As shown in fig. 1, a control device 100 of the embodiment of the present disclosure includes a bus interface 101, a memory interface 103, a write-once storage unit 104, and a security unit 102.
In the embodiment of the present disclosure, the bus interface 101 is used for connecting the bus 200 of the system on chip SOC 500; the number of the bus interfaces 101 is one or more, and at least part of the bus interfaces 101 are connected with the memory interface 103 through the security unit 102;
the memory interface 103 is used to connect the memory 300 of the SOC 500;
the write-once storage unit 104 stores therein an encryption/decryption key;
the security unit 102 is connected to the write-once storage unit 104; the security unit 102 includes: an encryption/decryption module 1021 for encrypting data written to the memory 300 via the security unit 102 according to the encryption/decryption key, and decrypting data read from the memory 300 via the security unit 102.
The control device 100 of the embodiment of the present disclosure has one or more bus interfaces 101 for connecting the buses 200 and a memory interface 103 for connecting the memory 300, and at least some of all the bus interfaces 101 are connected to the memory interface 103 through the security unit 102, so that the corresponding bus 200 is actually connected to the memory 300 through the security unit 102, and thus, the security unit 102 can perform security processing on an access request to the memory 300 issued from the corresponding bus 200.
Illustratively, the number of bus interfaces 101 may be one, two, three, four, etc.; regardless of the number of bus interfaces 101, at least one bus interface 101 of all the bus interfaces 101 is connected to the memory interface 103 via the security unit 102. For example, when the number of the bus interfaces 101 is one, the bus interface 101 must be connected to the memory interface 103 through the security unit 102; when the number of the bus interfaces 101 is two, the two bus interfaces 101 may both be connected to the memory interface 103 through the security unit 102, or one of the bus interfaces 101 may be connected to the memory interface 103 through the security unit 102, while the other bus interface 101 is not connected to the memory interface 103 through the security unit 102.
In the disclosed embodiment, the memory 300 may be any memory device with read-write function used in the SOC500, including but not limited to Flash memory Flash, random access memory RAM, read only memory ROM, and the like.
The control device 100 further includes a write-once storage unit 104, which may also be referred to as a write-once storage module. Data can be written into the write-once storage unit 104 only once, and the written data cannot be altered. The write-once storage unit 104 may store an encryption/decryption key, i.e., an original key. The meaning of the original key is described in detail below.
In one possible embodiment, the write-once storage unit 104 includes an electrically programmable fuse.
An electrically programmable fuse is a controllable (programmable) fuse structure based on the electromigration characteristic. The write-once storage unit 104 may include electrically programmable fuses and record information through their blown or unblown state; a write-once storage unit 104 that includes electrically programmable fuses is a "one-time programmable memory cell", which may be abbreviated as "eFuse".
A characteristic of a one-time programmable memory cell (eFuse) is that each bit is initially 0, which is equivalent to "unwritten"; once a bit is written to 1, it remains 1 and can no longer be changed.
As a way of the disclosed embodiment, an eFuse may be used as the write-once memory cell 104.
In the embodiment of the present disclosure, the security unit 102 includes an encryption/decryption module 1021 connected to the write-once storage unit 104, and the encryption/decryption module 1021 may obtain an encryption/decryption key from the write-once storage unit 104, encrypt data written into the memory 300 according to the encryption/decryption key, and decrypt data read from the memory 300, that is, ensure that data in the memory 300 is encrypted.
In the embodiment of the present disclosure, the data in the memory 300 needs to be encrypted and decrypted according to the encryption and decryption key, so that the data stored in the memory 300 is encrypted, and the security is good; moreover, the encryption and decryption keys are stored in the write-once storage unit 104, so that the encryption and decryption keys cannot be illegally modified, which further improves the security of data, thereby improving the reliability of the SOC500 product and avoiding leakage of key information.
In the embodiment of the present disclosure, "to encrypt/decrypt based on an encryption/decryption Key" means that an encryption/decryption process should be related to the encryption/decryption Key, and a specific way of encrypting/decrypting based on the encryption/decryption Key includes encrypting/decrypting using the encryption/decryption Key (i.e., directly using an original Key), and also includes calculating a current Key (current Key) actually used according to the encryption/decryption Key and according to a certain algorithm, and encrypting/decrypting using the current Key.
In one possible embodiment, the write-once storage unit 104 further stores therein encryption/decryption count information;
encrypting data written to the memory 300 via the security unit 102 according to the encryption/decryption key, and decrypting data read from the memory 300 via the security unit 102 include: generating a current key from the encryption/decryption count information and the encryption/decryption key, and encrypting data written to the memory 300 via the security unit 102 with the current key and decrypting data read from the memory 300 via the security unit 102;
the encryption/decryption module 1021 is further configured to write at least one unwritten bit of the encryption/decryption count information to 1 before writing data into the memory 300 each time.
Fig. 2 illustrates another alternative implementation of the control device 100 provided in the embodiment of the present disclosure. As one implementation, as shown in fig. 2, when the write-once storage unit 104 is an eFuse, the eFuse may further store encryption/decryption count information (cnt). In this case the key actually used by the encryption/decryption module 1021 is a current key calculated, according to a certain algorithm, from the encryption/decryption key (original key) and the current cnt. Although the original key stays the same, a different cnt gives a different current key, i.e., a different key actually used for encryption and decryption.
In the embodiment of the present disclosure, as shown in fig. 6, before data is written into the memory 300, at least one unwritten bit in cnt is written to 1 (for example, the lowest unwritten bit in cnt is written to 1, that is, cnt is incremented by 1), so that the current key used for the subsequent write is derived from the changed cnt. When the data is read out (which may happen many times), cnt is not changed: the current key is calculated from the encryption/decryption key and cnt (that is, cnt as changed before the write), and the read data is decrypted with this current key.
Before data is written again, at least one unwritten bit in cnt is again written to 1, so that both the new write and the subsequent reads use a new current key derived from the changed cnt.
In this way, each write and all the reads that follow it use a unique key (current key), and the current key changes on every new write. This avoids key reuse, can effectively prevent brute-force cracking, and further improves security. Moreover, each current key is generated from the current cnt, and since a 1 in the eFuse cannot be changed back to 0, the change of cnt is "irreversible": once the current key has changed, the previously used current key cannot be "retrieved", which ensures key uniqueness in hardware.
In the embodiment of the present disclosure, the memory 300 may store a firmware program of the SOC500, and the firmware program includes, but is not limited to, a boot code, an operating system, and other programs for driving the hardware of the SOC500 to work.
Because the change of cnt is "irreversible", the total number of writes to the memory 300 is limited (at most equal to the number of bits of cnt), so this approach suits data that is written infrequently. A firmware program is generally not altered except for version updates, so the memory 300 is suitable for storing the firmware program of the SOC500.
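An added behavioural model of the cnt mechanism described above (not code from the patent). It assumes HMAC-SHA256 as the unspecified key-derivation algorithm and a SHA-256 counter-mode keystream in place of AES or SM4; the class and function names, the 3-bit cnt and the sample key are constructed for the illustration.

```python
import hashlib
import hmac


class EFuseBits:
    """OTP bit field: bits start at 0 ("unwritten") and can only ever be set to 1."""

    def __init__(self, nbits):
        self._bits = [0] * nbits

    def burn_lowest_unwritten(self):
        """Set the lowest 0 bit to 1 (the text's 'cnt is incremented by 1')."""
        for i, bit in enumerate(self._bits):
            if bit == 0:
                self._bits[i] = 1
                return i
        raise RuntimeError("cnt exhausted: no unwritten eFuse bit left")

    def value(self):
        return bytes(self._bits)


def derive_current_key(original_key, cnt_value):
    # Assumption: HMAC-SHA256(original key, cnt) stands in for "a certain algorithm".
    return hmac.new(original_key, b"cnt:" + cnt_value, hashlib.sha256).digest()


def keystream_xor(key, data):
    # Stand-in cipher (SHA-256 in counter mode); real hardware would use AES or SM4.
    out = bytearray()
    for block in range(0, len(data), 32):
        pad = hashlib.sha256(key + block.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[block:block + 32], pad))
    return bytes(out)


class SecureController:
    def __init__(self, original_key, cnt_bits):
        self._original_key = original_key   # burned once into the write-once unit
        self._cnt = EFuseBits(cnt_bits)
        self.memory = b""                   # ciphertext as seen by probing the memory

    def write(self, plaintext):
        self._cnt.burn_lowest_unwritten()   # cnt changes BEFORE the data is written
        key = derive_current_key(self._original_key, self._cnt.value())
        self.memory = keystream_xor(key, plaintext)

    def read(self):
        # Reads never touch cnt, so every read after a write derives the same key.
        key = derive_current_key(self._original_key, self._cnt.value())
        return keystream_xor(key, self.memory)


def demo():
    ctrl = SecureController(original_key=b"\x11" * 32, cnt_bits=3)  # constructed key
    ctrl.write(b"firmware v1")
    old_ciphertext = ctrl.memory
    first_read = ctrl.read()
    ctrl.write(b"firmware v2")
    second_read = ctrl.read()
    ctrl.memory = old_ciphertext            # the v1 ciphertext is put back in memory
    rollback_read = ctrl.read()             # decrypted under the v2 key: not v1
    ctrl.write(b"firmware v3")
    try:
        ctrl.write(b"firmware v4")          # a 3-bit cnt allows only three writes
        exhausted = False
    except RuntimeError:
        exhausted = True
    return first_read, second_read, rollback_read, exhausted


if __name__ == "__main__":
    print(demo())
```

A ciphertext captured before a later write no longer decrypts to its plaintext, because the key it was written under can no longer be derived; the fourth write fails because every cnt bit is already 1.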
It should be understood that, in the embodiment of the present disclosure, the data stored in the memory 300 may also be any other data, for example, data with a data amount smaller than a predetermined value, or general data.
It should be understood that the encryption algorithm usable in the embodiments of the present disclosure is not limited to the above example; for example, other encryption algorithms such as the Advanced Encryption Standard (AES) or the SM4 block symmetric-key algorithm may be used.
In one possible embodiment, the write-once storage unit 104 also stores decryption enable information therein;
the encryption/decryption module 1021 is further configured to enable a decryption operation according to the decryption enable information.
As a way of the embodiment of the present disclosure, referring to fig. 2, the write-once storage unit 104 may further store decryption enable information (en), and the encryption/decryption module 1021 may compare the decryption enable information with information from the bus 200, and enable (or start, allow) the decryption operation when the above decryption enable information is included in the information from the bus 200, thereby further improving security.
In a possible embodiment, the security unit 102 further comprises:
an access authentication module 1022 for performing access authentication on an access request sent to the memory 300 via the security unit 102.
As shown in fig. 2, as one implementation of the embodiment of the present disclosure, the security unit 102 may further include an access authentication module 1022, configured to perform access authentication on an access request (e.g., a write request or a read request) sent to the memory 300 via the security unit 102. The operation on the memory 300 requested by the access request (e.g., writing or reading) is allowed only if the authentication passes; if the authentication does not pass, the access request is not allowed to actually operate on the memory 300. The embodiment of the present disclosure thereby further improves data security.
In one possible embodiment, the write-once storage unit 104 further stores therein signature information;
the access authentication module 1022 is used for performing signature authentication on the access request sent to the memory 300 via the security unit 102 according to the signature information.
As a mode of the embodiment of the present disclosure, as shown in fig. 2, the above access authentication may specifically be signature authentication, and information (signature information) for signature authentication is also stored in the write-once storage unit 104 to prevent the signature information from being tampered.
In one possible embodiment, the access authentication module 1022 is further configured to determine the range of the access request that can be accessed in the memory 300 according to the result of the access authentication.
As a way of the embodiments of the present disclosure, a range (or area) that can be accessed by the corresponding access request in the memory 300 may also be defined according to the result of the access authentication, so as to further improve data security.
For example, the space of the memory 300 may be divided into an "authentication area" and a "non-authentication area", and only in the case where the authentication is passed, the access to the "authentication area" is allowed.
For another example, as shown in fig. 2, different authentication information (e.g., signature information) and corresponding "sub-authentication areas" may be set for different users, and after the authentication is passed, a user corresponding to the access request is determined according to the authentication information, and the "sub-authentication area" corresponding to the user is allowed to be accessed, but the "sub-authentication area" of another user is not allowed to be accessed; thus, each user's access request can only access a particular "sub-authentication zone".
As another example, the access request and the authentication area may be "graded", and after the access request authentication of each level is passed, the access to the authentication area of the level and the lower levels is allowed, but the access to the authentication area of the higher level is not allowed.
It should be understood that the embodiments of the present disclosure may also include other operations related to access authentication, for example, when multiple errors occur in access authentication (e.g., access authentication for one user), the authentication zone (e.g., the sub-authentication zone corresponding to the user) may be locked, and no operation on the authentication zone may be allowed (unless a special unlocking operation is performed).
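The per-user sub-authentication areas and the lock after repeated failures, as an added sketch that is not code from the patent. HMAC-SHA256 over the operation and address stands in for the unspecified signature scheme, and the user names, address ranges, secrets and the threshold of three failures are assumptions made for the example.

```python
import hashlib
import hmac

MAX_FAILURES = 3  # assumption: the text only says "multiple errors"


def sign(secret, op, addr):
    """Tag a request; HMAC-SHA256 stands in for the unspecified signature scheme."""
    return hmac.new(secret, f"{op}:{addr:#x}".encode(), hashlib.sha256).digest()


class AccessAuthModule:
    def __init__(self, signature_info, zones):
        self._secrets = dict(signature_info)  # user -> secret kept in the write-once unit
        self._zones = dict(zones)             # user -> range of that user's sub-area
        self._failures = {user: 0 for user in self._zones}

    def _owner(self, addr):
        for user, zone in self._zones.items():
            if addr in zone:
                return user
        return None                           # address lies in the non-authentication area

    def check(self, user, op, addr, tag):
        owner = self._owner(addr)
        if owner is None:
            return "allow"                    # no authentication required here
        if self._failures[owner] >= MAX_FAILURES:
            return "locked"                   # stays locked until a special unlock
        secret = self._secrets.get(user)
        if secret is None:
            return "deny-auth"                # unknown user
        if not hmac.compare_digest(tag, sign(secret, op, addr)):
            self._failures[user] += 1         # counted against the claimed user
            return "deny-auth"
        if self._failures[user] < MAX_FAILURES:
            self._failures[user] = 0          # success clears earlier failures
        if owner != user:
            return "deny-range"               # authenticated, but not this user's area
        return "allow"


def demo():
    # Constructed secrets and address ranges; no replay protection is modelled.
    a_key, b_key = b"A" * 16, b"B" * 16
    auth = AccessAuthModule(
        {"alice": a_key, "bob": b_key},
        {"alice": range(0x000, 0x100), "bob": range(0x100, 0x200)},
    )
    results = [
        auth.check("alice", "read", 0x010, sign(a_key, "read", 0x010)),
        auth.check("alice", "read", 0x110, sign(a_key, "read", 0x110)),
        auth.check("guest", "read", 0x300, b""),
    ]
    results += [auth.check("bob", "write", 0x100, b"bad tag") for _ in range(3)]
    results.append(auth.check("bob", "write", 0x100, sign(b_key, "write", 0x100)))
    results.append(auth.check("alice", "write", 0x020, sign(a_key, "write", 0x020)))
    return results


if __name__ == "__main__":
    print(demo())
```

Because failed attempts lock the area, anything able to submit requests can deny a user access to that user's own area, so the unlocking operation needs its own authentication.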
In a possible embodiment, the security unit 102 further comprises:
a scrambling/descrambling module 1023 for scrambling the write address in a write request sent to the memory 300 via the security unit 102 to obtain the address written to in the memory 300, and descrambling the address of a read request sent to the memory 300 via the security unit 102 to obtain the address read from in the memory 300.
As shown in fig. 2, as one implementation of the embodiment of the present disclosure, the security unit 102 may further include a scrambling/descrambling module 1023, configured to scramble and descramble the addresses of write requests and read requests. That is, when a write request from the bus 200 requests to write data to a certain address of the memory 300, the scrambling/descrambling module 1023 scrambles the address to obtain a scrambled address, and the data is actually written to the scrambled address of the memory 300; when a read request from the bus 200 requests to read data from an address of the memory 300, the scrambling/descrambling module 1023 descrambles the address to obtain a descrambled address (i.e., the address where the data was actually written in the corresponding write), and the data is read from the descrambled address of the memory 300. Providing the scrambling/descrambling module 1023 thus further improves data security.
In one possible embodiment, bus interface 101 includes a first bus interface 1011 for connecting to first bus 201, and a second bus interface 1012 for connecting to second bus 202;
the first bus interface 1011 is connected to the memory interface 103 via the security unit 102;
the second bus interface 1012 is not connected to the memory interface 103 via the security unit 102.
As one implementation of the embodiment of the present disclosure, as shown in fig. 2, in some specific application scenarios (for example, where high-efficiency operation is required) it may be desirable to operate the memory 300 directly, without security processing. For this reason, in addition to the bus interface 101 that is connected to the memory interface 103 via the security unit 102 (first bus interface 1011), the control device 100 of the embodiment of the present disclosure may be provided with a bus interface 101 that is connected to the memory interface 103 without passing through the security unit 102 (second bus interface 1012). That is, the control device 100 according to the embodiment of the present disclosure can connect at least two buses 200, and operations performed on the memory 300 through the second bus interface 1012 (the second bus 202) are not subject to security processing such as encryption/decryption (or authentication, or scrambling/descrambling).
It should be understood that the second bus interface 1012 is provided in the control device 100, so that the second bus 202 is still connected to the memory 300 through the control device 100, rather than directly connected to the memory 300.
It should be understood that the above description of the first bus interface 1011 and the second bus interface 1012 does not limit the control apparatus 100 to be connected to only two buses 200, for example, the number of each of the first bus interface 1011 and the second bus interface 1012 may be plural.
In one possible embodiment, the first bus interface 1011 is an AHB interface for connecting an advanced high-performance bus AHB;
the second bus interface 1012 is an APB interface for connecting the advanced peripheral bus APB.
As a form of the disclosed embodiment, the first bus interface 1011 may be used to connect an AHB (Advanced High-performance Bus), and the second bus interface 1012 may be used to connect an APB (Advanced Peripheral Bus).
It should be understood that the specific types of buses 200 and bus interfaces 101 described above are exemplary only, and are not limiting as to the scope of applicability of the disclosed embodiments.
In one possible embodiment, the control device 100 of the embodiment of the present disclosure further includes a range defining unit 105;
the second bus interface 1012 is connected to the memory interface 103 via the range-defining unit 105;
the range defining unit 105 is used to define a range that an access request sent to the memory 300 therethrough can access in the memory 300.
As shown in fig. 2, as a mode of the embodiment of the present disclosure, although the security unit 102 is not connected between the second bus interface 1012 and the memory interface 103, the range defining unit 105 needs to be provided. The range defining unit 105 is configured to limit the range that an access request from the second bus interface 1012 (the second bus 202) can access in the memory 300, so as to prevent access requests from the second bus interface 1012 from affecting the securely processed data in the memory 300 (e.g., by acquiring or overwriting the encrypted data).
For example, the range defining unit 105 may define that an access request from the second bus interface 1012 can only access the "normal area" of the memory 300, while the security unit 102 defines that an access request from the first bus interface 1011 can only access the "encrypted area" of the memory 300. The "normal area" and the "encrypted area" are different areas in the memory 300; that is, data that has undergone security processing and data that has not are stored in entirely separate areas of the memory 300.
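The range check performed by the range defining unit 105 and the security unit 102 can be modelled as below. This is an added example, not code from the patent: the memory map, the interface enum and the function names are assumptions, and the naive variant is included only to show why the bounds test must not compute `addr + len`.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed memory map (assumption): the text only requires that the
 * "encrypted area" and the "normal area" are different areas. */
#define ENCRYPTED_BASE 0x00000000u
#define ENCRYPTED_SIZE 0x000C0000u
#define NORMAL_BASE    0x000C0000u
#define NORMAL_SIZE    0x00040000u

typedef enum { FIRST_BUS_IF, SECOND_BUS_IF } bus_if_t;  /* 1011 / 1012 */
typedef struct { uint32_t base, size; } area_t;

/* True only if [addr, addr + len) lies entirely inside the area. The test
 * never computes addr + len, so an oversized len cannot wrap around. */
static bool in_area(area_t a, uint32_t addr, uint32_t len)
{
    if (len == 0u || len > a.size) return false;
    if (addr < a.base) return false;
    return (addr - a.base) <= (a.size - len);
}

/* Second bus interface: normal area only (range defining unit 105).
 * First bus interface: encrypted area only (security unit 102). */
bool access_allowed(bus_if_t from, uint32_t addr, uint32_t len)
{
    const area_t normal    = { NORMAL_BASE, NORMAL_SIZE };
    const area_t encrypted = { ENCRYPTED_BASE, ENCRYPTED_SIZE };
    return in_area(from == SECOND_BUS_IF ? normal : encrypted, addr, len);
}

/* Naive form for comparison: addr + len is computed in 32 bits and wraps. */
bool naive_normal_check(uint32_t addr, uint32_t len)
{
    return addr >= NORMAL_BASE && addr + len <= NORMAL_BASE + NORMAL_SIZE;
}

int main(void)
{
    /* Constructed requests: {interface, address, length in bytes}. */
    const struct { bus_if_t from; uint32_t addr, len; } req[] = {
        { SECOND_BUS_IF, 0x000C0000u, 16u },         /* inside normal area */
        { SECOND_BUS_IF, 0x000BFFF8u, 16u },         /* starts in encrypted area */
        { SECOND_BUS_IF, 0x000FFFF0u, 0xFFFFFFF0u }, /* length wraps 32 bits */
        { FIRST_BUS_IF,  0x000BFFFCu, 8u },          /* runs past encrypted area */
    };
    for (unsigned i = 0; i < sizeof req / sizeof req[0]; i++)
        printf("if=%d addr=0x%08X len=0x%X -> %s\n", (int)req[i].from,
               (unsigned)req[i].addr, (unsigned)req[i].len,
               access_allowed(req[i].from, req[i].addr, req[i].len)
                   ? "allow" : "deny");
    return 0;
}
```

Only the first constructed request is allowed; the third is the case the naive comparison would accept.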
In a second aspect, the embodiments of the present disclosure provide a method for data processing, which is performed by any one of the control devices of the embodiments of the present disclosure.
Fig. 3 shows an alternative implementation of the method for data processing provided by the embodiment of the present disclosure.
As shown in fig. 3, the method for processing data according to the embodiment of the present disclosure includes:
S201, in response to the security unit receiving a write request sent to the memory, the encryption and decryption module acquires the encryption and decryption key from the write-once storage unit and encrypts the data written into the memory 300 according to the encryption and decryption key.
S202, in response to the security unit receiving the read request sent to the memory, the encryption and decryption module acquires the encryption and decryption key from the write-once storage unit and decrypts the data read from the memory according to the encryption and decryption key.
The data processing method of the embodiment of the disclosure is executed by the above control device, so that when data is to be written into the memory via the security unit, the encryption and decryption module acquires the encryption and decryption key from the write-once storage unit, and encrypts the data to be written according to the encryption and decryption key; when data is to be read out from the memory via the security unit, the encryption/decryption module acquires the encryption/decryption key from the write-once storage unit, and decrypts the read data based on the encryption/decryption key.
It should be understood that the numbers of the steps in the above method only indicate the operations that need to be performed separately in different cases (writing, reading), and do not represent the execution sequence of the corresponding steps.
It should be understood that the specific processes of the data processing method of the embodiment of the present disclosure correspond to the respective settings of the control device 100.
For example, when the write-once storage unit in the control device is a one-time programmable storage unit (eFuse), and the eFuse stores encryption and decryption count information (cnt), encryption and decryption can be performed using the current key calculated from the cnt and the encryption and decryption key, and the cnt needs to be changed before each write.
For another example, as shown in fig. 2, when the control device includes an authentication module and/or a scrambling/descrambling module, there is a corresponding authentication and/or scrambling/descrambling step.
For another example, as shown in fig. 2, when the control device includes the second bus interface, the access request from the second bus interface should be directly processed without being subjected to the security processing.
Fig. 4 illustrates an alternative implementation manner when data writing is performed in the method for data processing provided by the embodiment of the present disclosure. As shown in fig. 4, when the security unit receives a write request from the bus, the write request is authenticated first; if the authentication is not passed, the security unit continues to wait for a request from the bus, and if the authentication is passed, it is judged whether the current encryption state is enabled; if the encryption state is enabled, the data to be written into the memory is encrypted (according to the encryption and decryption key acquired from the write-once storage unit), and if the encryption state is not enabled, the subsequent steps are entered directly without encryption; the address in the write request is then scrambled, and the data (which may be encrypted) is written to the memory according to the scrambled address.
Fig. 5 shows an alternative implementation manner when data reading is performed in the method for data processing provided by the embodiment of the disclosure. As shown in fig. 5, when the security unit receives a read request from the bus, the read request is first authenticated; if the authentication is passed, the subsequent steps are carried out, and if the authentication is not passed, the security unit continues to wait for a request from the bus; the address in the read request is descrambled, and data is read from the memory according to the descrambled address; it is then determined whether decryption is currently required (i.e., whether encryption was previously performed when the data was written): if so, the data read from the memory is decrypted (using the encryption/decryption key acquired from the write-once storage unit) and then output to the bus; if not, the data read from the memory is output to the bus directly.
It is to be understood that the foregoing description and drawings are only illustrative of embodiments of the disclosure, and are not restrictive of the possible ways in which it may be practiced. For example, the order of the above operations of encryption/decryption, authentication, etc. may be adjusted, and only a portion of the operations may be performed (e.g., only encryption/decryption, without authentication, etc.).
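The write and read flows of fig. 4 and fig. 5, combined with the eFuse count information (cnt) described above, as an added behavioural model in C that is not part of the patent. The XOR address scrambling, the token comparison used for authentication and the `mix` placeholder standing in for the unspecified key derivation and cipher are all assumptions, and one write request is treated as one whole image.

```c
#include <stdbool.h>
#include <stdint.h>

#define MEM_WORDS     16u    /* constructed: tiny word-addressed memory 300 */
#define SCRAMBLE_MASK 0x0Bu  /* assumption: XOR scrambling, mask < MEM_WORDS */

typedef struct {             /* write-once storage unit (eFuse) */
    uint32_t key;            /* encryption and decryption key */
    uint32_t cnt;            /* count information: bits only go 0 -> 1 */
    uint32_t sig;            /* signature information for authentication */
    bool     enc_enabled;    /* encryption state checked in fig. 4 / fig. 5 */
} efuse_t;

typedef struct { efuse_t fuse; uint32_t mem[MEM_WORDS]; } device_t;

/* Write one unwritten cnt bit as 1; fails once every bit is burned. */
bool efuse_burn_cnt(efuse_t *f)
{
    if (f->cnt == UINT32_MAX) return false;
    f->cnt |= f->cnt + 1u;   /* sets the lowest 0 bit, never clears a bit */
    return true;
}

/* Placeholder mixer standing in for the unspecified key derivation and
 * cipher. It is NOT cryptographically secure. */
static uint32_t mix(uint32_t x)
{
    x ^= x >> 16; x *= 0x7feb352du;
    x ^= x >> 15; x *= 0x846ca68bu;
    return x ^ (x >> 16);
}

uint32_t current_key(const efuse_t *f) { return mix(f->key ^ mix(f->cnt)); }
uint32_t scramble(uint32_t addr) { return addr ^ SCRAMBLE_MASK; } /* self-inverse */

/* XOR keystream word: the same call encrypts and decrypts. */
static uint32_t crypt_word(uint32_t k, uint32_t a, uint32_t w) { return w ^ mix(k + a); }

static bool request_ok(const device_t *d, uint32_t token, uint32_t addr, uint32_t n)
{
    if (token != d->fuse.sig) return false;                   /* authentication */
    return n != 0u && n <= MEM_WORDS && addr <= MEM_WORDS - n; /* no wraparound */
}

/* Fig. 4: authenticate, encrypt if enabled, scramble address, write. */
bool dev_write(device_t *d, uint32_t token, uint32_t addr,
               const uint32_t *src, uint32_t n)
{
    if (!request_ok(d, token, addr, n)) return false;
    if (d->fuse.enc_enabled && !efuse_burn_cnt(&d->fuse))
        return false;                     /* cnt must change before a write */
    uint32_t k = current_key(&d->fuse);
    for (uint32_t i = 0; i < n; i++) {
        uint32_t w = src[i];
        if (d->fuse.enc_enabled) w = crypt_word(k, addr + i, w);
        d->mem[scramble(addr + i)] = w;
    }
    return true;
}

/* Fig. 5: authenticate, descramble address, read, decrypt if needed. */
bool dev_read(const device_t *d, uint32_t token, uint32_t addr,
              uint32_t *dst, uint32_t n)
{
    if (!request_ok(d, token, addr, n)) return false;
    uint32_t k = current_key(&d->fuse);
    for (uint32_t i = 0; i < n; i++) {
        uint32_t w = d->mem[scramble(addr + i)];
        dst[i] = d->fuse.enc_enabled ? crypt_word(k, addr + i, w) : w;
    }
    return true;
}
```

In this model a rejected request leaves both the memory and cnt untouched, and a device whose cnt bits are all burned refuses further encrypted writes.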
In a third aspect, an embodiment of the present disclosure provides a storage system 400.
Fig. 7 illustrates an alternative implementation of a storage system 400 provided by an embodiment of the present disclosure. As shown in fig. 7, the storage system 400 according to the embodiment of the present disclosure includes any one of the control devices 100 according to the embodiments of the present disclosure, and a memory 300 of the system on chip SOC.
In the embodiment of the present disclosure, the SOC memory 300 is connected to the memory interface of the control device 100.
The control device 100 of the embodiment of the present disclosure is connected to the memory 300, thereby forming a storage system 400 for use in an SOC.
In one possible embodiment, the memory 300 stores a firmware program of the SOC500 and/or data of which the data amount is less than a predetermined value.
In one possible embodiment, the memory 300 includes at least one of: flash memory Flash, random access memory RAM, read-only memory ROM.
In a fourth aspect, the disclosed embodiments provide a system on chip SOC500.
Fig. 8 shows an alternative implementation of the SOC500 provided by the embodiments of the present disclosure. As shown in fig. 8, the SOC500 of the embodiment of the present disclosure includes a bus 200, a memory 300, and any one of the control devices 100 of the embodiment of the present disclosure.
In the embodiment of the present disclosure, a bus interface of the control device 100 is connected to the bus 200, and a memory interface of the control device 100 is connected to the memory 300.
In the SOC500 according to the embodiment of the present disclosure, the above control device 100 is provided between the bus 200 and the memory 300.
In the embodiment of the present disclosure, the SOC500 may specifically be an SOC used in an intelligent connection system, for example, an SOC used in devices such as bluetooth and WIFI.
It should be understood that the SOC500 of the embodiments of the present disclosure is not limited thereto, as it may also be an SOC used in a display driving system.
It should be understood that other structures such as chips, power supplies, circuit boards, etc. may also be included in the SOC500 of the embodiments of the present disclosure, and are not described in detail herein.
One of ordinary skill in the art will appreciate that all or some of the steps, systems, functional modules/units in the devices disclosed above may be implemented as software, firmware, hardware, and suitable combinations thereof.
In a hardware implementation, the division between functional modules/units mentioned in the above description does not necessarily correspond to the division of physical components; for example, one physical component may have multiple functions, or one function or step may be performed by several physical components in cooperation.
Some or all of the physical components may be implemented as software executed by a processor, such as a Central Processing Unit (CPU), digital signal processor, or microprocessor, or as hardware, or as an integrated circuit, such as an application specific integrated circuit. Such software can be distributed on computer readable media, which can include computer storage media (or non-transitory media) and communication media (or transitory media). The term computer storage media includes both volatile and nonvolatile, removable and non-removable media implemented in any method or technology for storage of information such as computer readable instructions, data structures, program modules or other data, as is well known to those of ordinary skill in the art. Computer storage media include, but are not limited to, Random Access Memory (RAM, more specifically SDRAM, DDR, etc.), Read Only Memory (ROM), Electrically Erasable Programmable Read Only Memory (EEPROM), FLASH memory (FLASH), or other disk storage; Compact Disk Read Only Memory (CD-ROM), Digital Versatile Disk (DVD), or other optical disk storage; magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage; and any other medium which can be used to store the desired information and which can be accessed by a computer. In addition, communication media typically embody computer readable instructions, data structures, program modules or other data in a modulated data signal such as a carrier wave or other transport mechanism and include any information delivery media, as is well known to those skilled in the art.
The present disclosure has disclosed example embodiments and, although specific terms are employed, they are used and should be interpreted in a generic and descriptive sense only and not for purposes of limitation. In some instances, features, characteristics and/or elements described in connection with a particular embodiment may be used alone or in combination with features, characteristics and/or elements described in connection with other embodiments, unless expressly stated otherwise, as would be apparent to one skilled in the art. Accordingly, it will be understood by those skilled in the art that various changes in form and details may be made therein without departing from the scope of the disclosure as set forth in the appended claims.
Claims (15)
1. A control device, characterized by comprising a bus interface, a memory interface, a write-once storage unit, and a security unit;
the bus interface is used for connecting a bus of the system on chip SOC; the number of the bus interfaces is one or more, and at least part of the bus interfaces are connected with the memory interface through the security unit;
the memory interface is used for connecting a memory of the SOC;
the write-once storage unit stores an encryption and decryption key;
the security unit is connected with the write-once storage unit; the security unit includes: an encryption and decryption module, used for encrypting, according to the encryption and decryption key, the data written into the memory via the security unit, and decrypting the data read out from the memory via the security unit.
2. The control device according to claim 1, wherein the security unit further comprises:
an access authentication module, used for performing access authentication on the access request sent to the memory via the security unit.
3. The control device according to claim 2,
signature information is also stored in the write-once storage unit;
the access authentication module is used for performing signature authentication, according to the signature information, on an access request sent to the memory via the security unit.
4. The control device according to claim 2,
the access authentication module is further used for determining the range of the access request in the memory according to the result of the access authentication.
5. The control device according to claim 1, wherein the security unit further comprises:
a scrambling and descrambling module, used for scrambling a write address in a write request sent to the memory via the security unit to obtain the address written in the memory, and descrambling an address of a read request sent to the memory via the security unit to obtain the address read out from the memory.
6. The control device according to claim 1, wherein the write-once storage unit includes:
an electrically programmable fuse (eFuse).
7. The control device according to claim 6, wherein the write-once storage unit further stores encryption and decryption count information;
the encrypting of the data written into the memory via the security unit according to the encryption and decryption key and the decrypting of the data read out from the memory via the security unit include: generating a current key according to the encryption and decryption count information and the encryption and decryption key, and using the current key to encrypt the data written into the memory via the security unit and to decrypt the data read out from the memory via the security unit;
the encryption and decryption module is further used for writing at least one unwritten bit in the encryption and decryption count information as 1 before each writing of data into the memory.
8. The control device according to claim 1, wherein the write-once storage unit further stores decryption enable information;
the encryption and decryption module is further used for enabling the decryption operation according to the decryption enable information.
9. The control device according to claim 1, characterized in that the bus interface comprises a first bus interface for connection to a first bus and a second bus interface for connection to a second bus;
the first bus interface is connected with the memory interface through the security unit;
the second bus interface is not connected to the memory interface via the security unit.
10. The control device according to claim 9, characterized by further comprising a range defining unit;
the second bus interface is connected with the memory interface through the range defining unit;
the range defining unit is configured to define a range in the memory that can be accessed by an access request sent to the memory therethrough.
11. The control device according to claim 9,
the first bus interface is an advanced high performance bus (AHB) interface used for connecting an AHB;
the second bus interface is an Advanced Peripheral Bus (APB) interface for connecting an APB.
12. A method of data processing, the method being performed by a control apparatus according to any one of claims 1 to 11, the method comprising:
in response to the security unit receiving a write request sent to the memory, the encryption and decryption module acquires the encryption and decryption key from the write-once storage unit and encrypts data written to the memory according to the encryption and decryption key;
in response to the security unit receiving a read request sent to the memory, the encryption and decryption module obtains the encryption and decryption key from the write-once storage unit and decrypts the data read from the memory according to the encryption and decryption key.
13. A storage system comprising the control device according to any one of claims 1 to 11, and a memory of a system on chip SOC;
wherein the memory of the SOC is connected with the memory interface of the control device.
14. The storage system of claim 13,
the memory stores a firmware program of the SOC and/or data of which the data amount is less than a predetermined value.
15. A system on chip SOC comprising a bus, a memory, and the control device of any one of claims 1 to 11;
wherein the bus interface of the control device is connected with the bus, and the memory interface of the control device is connected with the memory.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210742596.7A CN115185879A (en) | 2022-06-28 | 2022-06-28 | Control device, data processing method, storage system, and SOC |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210742596.7A CN115185879A (en) | 2022-06-28 | 2022-06-28 | Control device, data processing method, storage system, and SOC |
Publications (1)
Publication Number | Publication Date |
---|---|
CN115185879A true CN115185879A (en) | 2022-10-14 |
Family
ID=83515011
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202210742596.7A Pending CN115185879A (en) | 2022-06-28 | 2022-06-28 | Control device, data processing method, storage system, and SOC |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN115185879A (en) |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||